[Rpm-maint] [rpm-software-management/rpm] rpmkeys: exit non-zero on I/O errors (#1633)

If writing to stdout or stderr fails, rpmkeys should exit with a non-zero status code. You can view, comment on, or merge this pull request online at: https://github.com/rpm-software-management/rpm/pull/1633 -- Commit Summary -- * rpmkeys: exit non-zero on I/O errors -- File Changes --

Re: [Rpm-maint] [rpm-software-management/rpm] Avoid out-of-bounds pointer arithmetic in dataLength() (#1626)

> @DemiMarie I've repeatedly asked you not to submit more pull-requests of this > kind, because a large percentage of these "but in theory" patches have only > introduced regressions despite hours and days wasted trying to review them. > Rpm relies on this type of arithmetic in any number of pla

Re: [Rpm-maint] [rpm-software-management/rpm] rpmkeys: --checksig should require valid signatures (#1630)

> NAK, this is getting even more confusing. > > I totally agree --checksig is far from ideal, but there are LOTS of legacy > twists associated with it all. I opened #1631 to track it - the main issue to > me is that it's ambiguous - and it needs to be properly though over, taking > all the lega

Re: [Rpm-maint] [rpm-software-management/rpm] Avoid out-of-bounds pointer arithmetic in dataLength() (#1626)

@DemiMarie commented on this pull request. > @@ -474,8 +474,8 @@ static int dataLength(rpm_tagtype_t type, rpm_constdata_t > p, rpm_count_t count, default: if (typeSizes[type] == -1) return -1; - length = typeSizes[(type & 0xf)] * count; - if (length < 0 ||

[Rpm-maint] [rpm-software-management/rpm] Make interactive Lua mode actually interactive (#1632)

Refuse to run rpm.interactive() unless running from tty as a minimal requisite. Make the interactive loop print results immediately instead of process exist, eg ``` $ ./rpm --eval "%{lua:rpm.interactive()}" RPM Interactive Lua 5.4 Interpreter > print(macros['_libdir']) /usr/lib64 > a=5 > print(a

Re: [Rpm-maint] [rpm-software-management/rpm] RFE: split language specifics out of rpm core (#1199)

For the sake of cross-referencing, Python is in the progress of being split via #1607 now. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/issues/1199#issuecomment-817695480

Re: [Rpm-maint] [rpm-software-management/rpm] Avoid out-of-bounds pointer arithmetic in dataLength() (#1626)

Closed #1626. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1626#event-4580817960___ Rpm-maint mailing list Rpm-maint@lists.rpm

Re: [Rpm-maint] [rpm-software-management/rpm] Avoid out-of-bounds pointer arithmetic in dataLength() (#1626)

@DemiMarie I've repeatedly asked you not to submit more pull-requests of this kind, because a large percentage of these "but in theory" patches have only introduced regressions despite hours and days wasted trying to review them. Rpm relies on this type of arithmetic in any number of places, and

Re: [Rpm-maint] [rpm-software-management/rpm] Run each Lua chunk in an inherited, private environment (#1593)

Thanks for the pointer! -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1593#issuecomment-817624131___ Rpm-maint mailing list Rpm

Re: [Rpm-maint] [rpm-software-management/rpm] rpmkeys: --checksig should require valid signatures (#1630)

NAK, this is getting even more confusing. I totally agree --checksig is far from ideal, but there are LOTS of legacy twists associated with it all. I opened #1631 to track it - the main issue to me is that it's ambiguous - and it needs to be properly though over, taking all the legacy crap, FIP

Re: [Rpm-maint] [rpm-software-management/rpm] rpmkeys: --checksig should require valid signatures (#1630)

Closed #1630. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1630#event-4580630218___ Rpm-maint mailing list Rpm-maint@lists.rpm

[Rpm-maint] [rpm-software-management/rpm] rpmkeys --checksig is ambiguous (#1631)

`rpmkeys --checksig` is documented as "checks all the digests and signatures contained in PACKAGE_FILE", which says preciously little about anything as the availability of both digests and signatures varies, and this further depends on `%_pkgverify_level` and various other settings (disablers).

Re: [Rpm-maint] [rpm-software-management/rpm] Run each Lua chunk in an inherited, private environment (#1593)

The nil thing is indeed a Lua peculiarity with globals and how the environment is manipulated here, it basically prevents you from (accidentally) doing something nasty to the environment. https://www.lua.org/pil/14.3.html is technically outdated but explains the basic idea. This patch is origin

Re: [Rpm-maint] [rpm-software-management/rpm] Run each Lua chunk in an inherited, private environment (#1593)

Closed #1593. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/1593#event-4580489884___ Rpm-maint mailing list Rpm-maint@lists.rpm

Re: [Rpm-maint] [rpm-software-management/rpm] Avoid out-of-bounds pointer arithmetic in dataLength() (#1626)

@dmach commented on this pull request. > @@ -474,8 +474,8 @@ static int dataLength(rpm_tagtype_t type, rpm_constdata_t > p, rpm_count_t count, default: if (typeSizes[type] == -1) return -1; - length = typeSizes[(type & 0xf)] * count; - if (length < 0 || (se